110 lines
3.4 KiB
Plaintext
110 lines
3.4 KiB
Plaintext
# Security
|
|
ServerTokens <%= @server_tokens %>
|
|
ServerSignature <%= @server_signature %>
|
|
TraceEnable <%= @trace_enable %>
|
|
|
|
ServerName "<%= @servername %>"
|
|
ServerRoot "<%= @server_root %>"
|
|
PidFile <%= @pidfile %>
|
|
Timeout <%= @timeout %>
|
|
KeepAlive <%= @keepalive %>
|
|
MaxKeepAliveRequests <%= @max_keepalive_requests %>
|
|
KeepAliveTimeout <%= @keepalive_timeout %>
|
|
|
|
User <%= @user %>
|
|
Group <%= @group %>
|
|
|
|
AccessFileName .htaccess
|
|
<FilesMatch "^\.ht">
|
|
<%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%>
|
|
Require all denied
|
|
<%- else -%>
|
|
Order allow,deny
|
|
Deny from all
|
|
Satisfy all
|
|
<%- end -%>
|
|
</FilesMatch>
|
|
|
|
<Directory />
|
|
Options FollowSymLinks
|
|
AllowOverride None
|
|
</Directory>
|
|
|
|
DefaultType none
|
|
HostnameLookups Off
|
|
ErrorLog "<%= @logroot %>/<%= @error_log %>"
|
|
LogLevel <%= @log_level %>
|
|
EnableSendfile <%= @sendfile %>
|
|
|
|
#Listen 80
|
|
|
|
<% if @apxs_workaround -%>
|
|
# Workaround: without this hack apxs would be confused about where to put
|
|
# LoadModule directives and fail entire procedure of apache package
|
|
# installation/reinstallation. This problem was observed on FreeBSD (apache22).
|
|
#LoadModule fake_module libexec/apache22/mod_fake.so
|
|
<% end -%>
|
|
|
|
Include "<%= @mod_load_dir %>/*.load"
|
|
<% if @mod_load_dir != @confd_dir and @mod_load_dir != @vhost_load_dir -%>
|
|
Include "<%= @mod_load_dir %>/*.conf"
|
|
<% end -%>
|
|
Include "<%= @ports_file %>"
|
|
|
|
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
|
|
LogFormat "%h %l %u %t \"%r\" %>s %b" common
|
|
LogFormat "%{Referer}i -> %U" referer
|
|
LogFormat "%{User-agent}i" agent
|
|
<% if @log_formats and !@log_formats.empty? -%>
|
|
<%- @log_formats.each do |nickname,format| -%>
|
|
LogFormat "<%= format -%>" <%= nickname %>
|
|
<%- end -%>
|
|
<% end -%>
|
|
|
|
<%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%>
|
|
IncludeOptional "<%= @confd_dir %>/*.conf"
|
|
<%- else -%>
|
|
Include "<%= @confd_dir %>/*.conf"
|
|
<%- end -%>
|
|
<% if @vhost_load_dir != @confd_dir -%>
|
|
Include "<%= @vhost_load_dir %>/*"
|
|
<% end -%>
|
|
|
|
<% if @error_documents -%>
|
|
# /usr/share/apache2/error on debian
|
|
Alias /error/ "<%= @error_documents_path %>/"
|
|
|
|
<Directory "<%= @error_documents_path %>">
|
|
AllowOverride None
|
|
Options IncludesNoExec
|
|
AddOutputFilter Includes html
|
|
AddHandler type-map var
|
|
<%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%>
|
|
Require all granted
|
|
<%- else -%>
|
|
Order allow,deny
|
|
Allow from all
|
|
<%- end -%>
|
|
LanguagePriority en cs de es fr it nl sv pt-br ro
|
|
ForceLanguagePriority Prefer Fallback
|
|
</Directory>
|
|
|
|
ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
|
|
ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
|
|
ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
|
|
ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
|
|
ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
|
|
ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
|
|
ErrorDocument 410 /error/HTTP_GONE.html.var
|
|
ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
|
|
ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
|
|
ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
|
|
ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
|
|
ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var
|
|
ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
|
|
ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
|
|
ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
|
|
ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
|
|
ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var
|
|
<% end -%>
|